ABSTRACT


Quick and robust fault diagnosis is critical to ensuring safe 
operation of complex engineering systems. A large number 
of techniques are available to provide fault diagnosis in sys- 
tems with continuous dynamics. However, many systems in 
aerospace and industrial environments are best represented 
as hybrid systems that consist of discrete behavioral modes, 
each with its own continuous dynamics. These hybrid dy- 
namics make the on-line fault diagnosis task computationally 
more complex due to the large number of possible system 
modes and the existence of autonomous mode transitions. 
This paper presents a qualitative fault isolation framework 
for hybrid systems based on structural model decomposition. 
The fault isolation is performed by analyzing the qualitative 
information of the residual deviations. However, in hybrid
systems this process becomes complex due to the possible existence
of observation delays, which can cause observed deviations
to be inconsistent with the expected deviations for the
current mode in the system. The great advantage of structural
model decomposition is that (i) it allows the design of residuals
that respond to only a subset of the faults, and (ii) every time
a mode change occurs, only a subset of the residuals will need 
to be reconfigured, thus reducing the complexity of the rea- 
soning process for isolation purposes. To demonstrate and 
test the validity of our approach, we use an electric circuit 
simulation as the case study. 


1. INTRODUCTION 


The development of robust and efficient fault diagnosis techniques
plays an important role in complex engineering systems.
A large number of fault diagnosis techniques have
been developed during the last few decades for continuous 
systems. However, nowadays, many engineering systems are 
modeled as hybrid systems that have both continuous and 
discrete-event dynamics. For such systems, the large num- 
ber of possible system modes with different dynamics and 
the existence of autonomous mode transitions significantly 
increases the complexity of the fault diagnosis problem. 


Different proposals exist in the literature for hybrid systems 
diagnosis, focusing on either hybrid modeling, such as hybrid
automata (Henzinger, 2000; Rienmüller, Bayoudh, Hofbaur,
& Travé-Massuyès, 2009; Bayoudh, Travé-Massuyès,
& Olive, 2008), hybrid state estimation (Hofbaur & Williams,
2004), or a combination of on-line state tracking and residual
evaluation (Benazera & Travé-Massuyès, 2009). However, in
all those approaches, the proposed solutions involve model- 
ing and pre-enumeration of the set of all possible system-level 
discrete modes, which grows exponentially with the number 
of switching components. Both steps are computationally 
very expensive or even infeasible for hybrid systems with a 
large number of complex interacting subsystems. 


One of the solutions to avoid the mode pre-enumeration prob- 
lem consists of building hybrid system models in a composi- 
tional way, where discrete modes are defined at a local level 
(e.g., at the component level), and the system-level mode is 
defined implicitly by the local component-level modes. This 
allows the modeler to focus on the discrete behavior only 
at the component level, and the pre-enumeration of all the 
system-level modes can be avoided (Narasimhan & Brownston,
2007; Travé-Massuyès & Pons, 1997). Additionally,
building models in a compositional way facilitates reusability
and maintenance, and allows the validation of the components
individually before they are composed to create the
system-level hybrid model. 


In previous work (Daigle, Bregon, & Roychoudhury, 2015), 
we proposed a compositional modeling approach for hy- 
brid systems, where models consist of user-defined com- 
ponents. A component is constructed by defining a set of 
discrete modes, with a different set of mathematical con- 
straints describing the continuous dynamics in each mode. 
Within this framework, we defined algorithms for efficient 
causality assignment and re-assignment upon mode changes. 
For a given system mode, structural model decomposi- 
tion (Roychoudhury, Daigle, Bregon, & Pulido, 2013) is used 
to construct minimal submodels for residual generation, and, 
based on efficient causality reassignment, can be efficiently 
reconfigured upon mode changes. 


We demonstrated in (Daigle, Bregon, & Roychoudhury, 
2015) how the minimal submodels can be used for efficient 
residual generation over the different modes of the system. 
In this paper, we extend this framework with a qualitative 
approach for online fault isolation of hybrid systems. Our 
approach assumes only single faults occur in the system and 
we choose to deal with deviations in system parameters (i.e. 
parametric faults) only and not discrete faults. The approach 
works by abstracting qualitatively the transients of residual 
deviations and comparing those with the predicted fault tran- 
sients. Unlike previous approaches based on this methodol- 
ogy (P. J. Mosterman & Biswas, 1999; Daigle, Koutsoukos, 
& Biswas, 2009; Narasimhan & Biswas, 2007), we make use 
of structural model decomposition to decrease the complexity 
of the diagnosis task. In hybrid systems, mode changes typically
modify the predicted fault transients, and, further, observation
delays (e.g., due to delays in signal filtering within
a fault detection algorithm, or communication delays) can
cause the observed transient to be consistent with a
previous mode of the system. As has been discussed by
other authors (Narasimhan & Biswas, 2007), both issues significantly
complicate the reasoning process. Using structural
model decomposition, the associated complexity can be re- 
duced greatly because (i) it allows the design of residuals that 
respond to only a subset of the faults (Bregon et al., 2014); 
and (ii) every time a mode change occurs, only a subset of 
the residuals will need to be reconfigured (Daigle, Bregon, & 
Roychoudhury, 2015). Using an electrical circuit as a case 
study, we demonstrate that our approach can correctly isolate 
faults in hybrid systems even if the system transitions among 
different mode changes and presents observation delays dur- 
ing the isolation process. 


The paper is organized as follows. Section 2 summarizes
the compositional modeling approach and introduces the case
study. Section 3 presents the problem we solve in this paper.
Section 4 describes the qualitative fault isolation approach
for hybrid systems. Section 5 demonstrates the approach for
the electrical case study. Section 6 reviews the related work
and current approaches for hybrid systems fault diagnosis and
puts our work into context. Finally, Section 7 concludes the
paper.


2. COMPOSITIONAL HYBRID SYSTEMS MODELING 


As we have mentioned, in (Daigle, Bregon, & Roychoudhury, 
2015) we proposed a compositional approach for hybrid sys- 
tems modeling, in which system models are made up of a 
set of user-defined components, where each component is de- 
fined by a set of discrete modes, with a different set of con- 
straints describing the continuous dynamics of the component 
in each mode. In this section, we summarize the main de- 
tails of the hybrid system modeling framework and structural 
model decomposition approach. For additional details, we 
refer the reader to (Daigle, Bregon, & Roychoudhury, 2015). 


2.1. System Modeling 


At the basic level, the continuous dynamics of a component 
in each mode are modeled using a set of variables and a set 
of constraints. A constraint is defined as follows: 


Definition 1 (Constraint). A constraint $c$ is a tuple $(\varepsilon_c, V_c)$,
where $\varepsilon_c$ is an equation involving variables $V_c$.


A component is defined by a set of constraints over a set of 
variables. The constraints are partitioned into different sets, 
one for each component mode. A component is then defined 
as follows: 


Definition 2 (Component). A component $\kappa$ with $n$ discrete
modes is a tuple $\kappa = (V_\kappa, C_\kappa)$, where $V_\kappa$ is a set of variables
and $C_\kappa$ is a set of constraint sets, where $C_\kappa$ is defined as
$C_\kappa = \{C_\kappa^1, C_\kappa^2, \ldots, C_\kappa^n\}$, with a constraint set, $C_\kappa^m$, defined
for each mode $m = \{1, \ldots, n\}$.


To illustrate our proposal, throughout the paper we will use
a circuit example, shown in Fig. 1. The components of the
circuit are a voltage source, $V$, two capacitors, $C_1$ and $C_2$,
two inductors, $L_1$ and $L_2$, two resistors, $R_1$ and $R_2$, and two
switches, $Sw_1$ and $Sw_2$, as well as components for series and
parallel connections. Sensors measure the current or voltage
in different locations ($i_3$, $v_8$, and $i_{11}$, as indicated in Fig. 1).
Because each switch has two modes (on and off), there are
four total modes in the system. The components of the circuit
are defined in Table 1.


Example 1. Consider the component $Sw_2$ ($\kappa_{10}$). It has two
modes: on (represented as mode 2 in Table 1) and off (represented
as mode 1). In the off mode, it has three constraints
setting each of its currents ($i_9$, $i_{10}$, $i_{11}$) to 0. In the on mode,
it also has three constraints, setting the three currents equal to
each other and establishing that the voltages sum up (it acts
like a series connection when in the on mode).

Figure 1. Electrical circuit running example.


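Table 1. Components of the electrical circuit.

Component                              Mode  Constraints
$\kappa_1$: $V$                        1     $v_1 = u_v$
$\kappa_2$: $Sw_1$                     1     $i_1 = 0$
                                             $i_2 = 0$
                                       2     $i_1 = i_2$
                                             $v_1 = v_2$
$\kappa_3$: Parallel Connection$_1$    1     $v_2 = v_3$
                                             $v_2 = v_4$
                                             $i_2 = i_3 + i_4$
$\kappa_4$: $L_1$                      1     $\dot{f}_3 = v_3$
                                             $i_3 = f_3 / L_1$
                                             $f_3 = \int_{t_0}^{t} \dot{f}_3$
$\kappa_5$: Series Connection$_1$      1     $i_4 = i_5$
                                             $i_4 = i_6$
                                             $i_4 = i_7$
                                             $v_4 = v_5 + v_6 + v_7$
$\kappa_6$: $R_1$                      1     $v_5 = i_5 * R_1$
$\kappa_7$: $C_1$                      1     $\dot{q}_6 = i_6$
                                             $v_6 = q_6 / C_1$
                                             $q_6 = \int_{t_0}^{t} \dot{q}_6$
$\kappa_8$: Parallel Connection$_2$    1     $v_7 = v_8$
                                             $v_7 = v_9$
                                             $i_7 = i_8 + i_9$
$\kappa_9$: $L_2$                      1     $\dot{f}_8 = v_8$
                                             $i_8 = f_8 / L_2$
                                             $f_8 = \int_{t_0}^{t} \dot{f}_8$
$\kappa_{10}$: $Sw_2$                  1     $i_9 = 0$
                                             $i_{10} = 0$
                                             $i_{11} = 0$
                                       2     $i_9 = i_{10}$
                                             $i_9 = i_{11}$
                                             $v_9 = v_{10} + v_{11}$
$\kappa_{11}$: $R_2$                   1     $v_{10} = i_{10} * R_2$
$\kappa_{12}$: $C_2$                   1     $\dot{q}_{11} = i_{11}$
                                             $v_{11} = q_{11} / C_2$
                                             $q_{11} = \int_{t_0}^{t} \dot{q}_{11}$
$\kappa_{13}$: Current Sensor$_{11}$   1     $i_{11}^* = i_{11}$
$\kappa_{14}$: Voltage Sensor$_8$      1     $v_8^* = v_8$
$\kappa_{15}$: Current Sensor$_3$      1     $i_3^* = i_3$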





We define a system model as a set of components: 


Definition 3 (Model). A model $M = \{\kappa_1, \kappa_2, \ldots, \kappa_k\}$ is a
finite set of $k$ components for $k \in \mathbb{N}$.


Example 2. The model of the electrical system is made up of
the components detailed in Table 1, i.e., $M = \{\kappa_1, \kappa_2, \ldots,
\kappa_{15}\}$. For each component, the variables and constraints are
defined for each component mode.


The set of variables for a model, $V_M$, is the union of all
the component variable sets, i.e., for $d$ components, $V_M =
V_{\kappa_1} \cup V_{\kappa_2} \cup \ldots \cup V_{\kappa_d}$. $V_M$ consists of five disjoint sets, namely,
the set of state variables, $X_M$; the set of parameters, $\Theta_M$;
the set of inputs (variables not computed by any constraint),
$U_M$; the set of outputs (variables not used to compute any
other variables), $Y_M$; and the set of auxiliary variables, $A_M$.
Parameters, $\Theta_M$, include explicit model parameters that are
used in the model constraints (e.g., fault parameters). Auxiliary
variables, $A_M$, are additional variables that are used to
simplify the structure of the equations.


Example 3. In the circuit model, we have $X_M =
\{f_3, q_6, f_8, q_{11}\}$, $\Theta_M = \{L_1, R_1, C_1, L_2, R_2, C_2\}$, $U_M =
\{u_v\}$, and $Y_M = \{i_3^*, i_{11}^*, v_8^*\}$. Remaining variables belong
to $A_M$. Here, the $*$ superscript is used to denote a measured
value of a physical variable, e.g., $i_3 \in X_M$ is the current and
$i_3^* \in Y_M$ is the measured current.


The interconnection structure of the model is captured using
shared variables between components, i.e., components
$\kappa_i$ and $\kappa_j$ are connected if $V_{\kappa_i} \cap V_{\kappa_j} \neq \emptyset$.


Example 4. In the circuit model, component $\kappa_5$ (Series
Connection$_1$) is connected to $\kappa_3$ (Parallel Connection$_1$)
through $i_4$, to $\kappa_6$ ($R_1$) through $i_5$ and $v_5$, to $\kappa_7$ ($C_1$) through
$i_6$ and $v_6$, and $\kappa_8$ (Parallel Connection$_2$) through $i_7$ and $v_7$.


In our work, a fault is the cause of an unexpected, persistent 
deviation of the system behavior from the acceptable nominal 
behavior. To simplify our approach, we link faults only to the 
set of parameters $\Theta_M$, i.e., no discrete faults are considered.
More formally, a fault is defined as follows. 


Definition 4 (Fault). A fault, denoted as $f$, is a persistent deviation
of exactly one parameter $\theta \in \Theta_M$ of the system model
$M$ from its nominal value.


The model constraints, $C_M$, are a union of the component
constraints over all modes, i.e., $C_M = C_{\kappa_1} \cup C_{\kappa_2} \cup \ldots \cup C_{\kappa_d}$.
Constraints are exclusive to components, that is, a constraint
$c \in C_M$ belongs to exactly one $C_\kappa$ for $\kappa \in M$.


To refer to a particular mode of a model we use the concept of
a mode vector. A mode vector $m$ specifies the current mode
of each of the components of a model. So, the constraints for
a mode $m$ are denoted as $C_M^m$.


Example 5. Consider a model with five components, then
if m = [1, 1, 3, 2, 1], it indicates that components $\kappa_1$, $\kappa_2$,
and $\kappa_5$ use constraints of their mode 1, component $\kappa_3$ uses
constraints of its mode 3, and component $\kappa_4$ uses constraints
of its mode 2.


For shorthand, we will refer to the modes only of the components
with multiple modes. So, for the circuit, we will refer
only to components $\kappa_2$ and $\kappa_{10}$, and we will have four possible
mode vectors, [1 1], [1 2], [2 1], and [2 2].


The switching behavior of each component can be defined 
using a finite state machine or a similar type of control spec- 
ification. For the purposes of this paper, we view the switch- 
ing behavior as a black box where the mode change event is 
given, and refer the reader to many of the approaches already 
proposed in the literature for modeling the switching behav- 
ior (Henzinger, 2000; P. Mosterman & Biswas, 2000). 


2.2. Structural Model Decomposition for Hybrid Systems 


In our framework, we use structural model decomposition to 
generate submodels for the purpose of computing residuals, 
i.e., the difference between observed and predicted system 
behavior, which are then used for diagnosis. The main advan- 
tage that structural model decomposition provides, in contrast 
to using a global model for residual generation, is that each 
residual is designed to respond to only a subset of the faults, 
thus decreasing the complexity of diagnosis. Further, it al- 
lows the diagnosis task to be distributed, improving scalabil- 
ity (Bregon et al., 2014). We will show later, in Section 4, 
the specific advantages that structural model decomposition 
provides for diagnosis of hybrid systems. 


In order to derive submodels, we need to assign causality 
to the system. Given a constraint c, belonging to a specific 
mode of a specific component, the notion of a causal assign- 
ment is used to specify a possible computational direction, 
or causality, for the constraint c. This is done by defining 
which $v \in V_c$ is the dependent variable in equation $\varepsilon_c$. For a
given mode, we have the set of causal assignments over the 
entire model in that mode, and with that we can compute the 
minimal submodels, using the GenerateSubmodel algo- 
rithm described in our previous work (Roychoudhury et al., 
2013). The algorithm finds a submodel, which computes a 
set of local outputs given a set of local inputs, by search- 
ing over the causal model. It starts at the local inputs, and 
propagates backwards through the causal constraints, find- 
ing which constraints and variables must be included in the 
submodel. When possible, causal constraints are inverted in 
order to take advantage of local inputs. Additional informa- 
tion and the pseudocode are provided in (Roychoudhury et 
al., 2013). 


In the context of residual generation, we set the local output 
set to a single measured value, and the local inputs to all other 
measured values and the (known) system inputs. That is, we 
exploit the analytical redundancy provided by the sensors in 
order to find minimal submodels to estimate values of sensor 


outputs. In this framework, we consider one submodel per 
sensor, each producing estimated values for that sensor. As- 
suming that the set of sensors does not change from mode to 
mode, we will always have one submodel per sensor. Since 
the set of constraints changes from mode to mode, the set of 
submodels will change as well, however, by taking advantage 
of causality information, reconfiguring the submodels can be 
done efficiently (Daigle, Bregon, & Roychoudhury, 2015). 


Example 6. Submodels can be represented visually using a
graph notation, where vertices correspond to variables, and
edges correspond to constraints with causal assignments, i.e.,
a directed edge from $v_i$ to $v_j$ means that $v_j$ is computed using
$v_i$. The submodel graphs for the circuit in mode m = [1 2]
are shown in Fig. 2, and in mode m = [2 1] in Fig. 3. For
example, consider $i_{11}^*$. In the first mode, it is computed using
the measurements $v_8^*$ and $i_3^*$ as inputs. The variable $i_2$ is effectively
an input; it is set to 0 since $Sw_1$ is off. Here, only a
fault in $L_2$ will propagate to $i_{11}^*$. In the second mode, $Sw_2$ is
off, and so $i_{11}$ is set to 0, and the submodel contains only $i_{11}$
and $i_{11}^*$, and these variables are decoupled from all faults.


3. PROBLEM FORMULATION 


Our qualitative fault diagnosis approach (Daigle, Roychoudhury,
& Bregon, 2015) works by reasoning over observations
of how measurements deviate from expected nominal behavior.
These observations are formed from a qualitative abstraction
of residual signal deviations. Residuals are computed
as the difference between predicted nominal, $\hat{y}(t)$, and
measured, $y(t)$, system variables, i.e., a residual $r(t)$ is computed
as $r(t) = y(t) - \hat{y}(t)$. Predicted system variables
$\hat{y}(t)$ are computed using the minimal submodels as described
in the previous section. Fault detection works by determin- 
ing statistically significant nonzero deviations in the residu- 
als. Residual deviations are then abstracted into a symbolic 
representation to form fault signatures. These symbols are 
computed from the residuals using symbol generation, as de- 
scribed in (Daigle, Roychoudhury, & Bregon, 2015). Finally, 
the predicted signatures are compared with observed signa- 
tures in order to isolate faults. 


In the context of hybrid systems, the structure of the resid- 
ual generators changes from mode to mode, causing the set 
of fault signatures to also change. Observing mode change 
events can help to match the observations to both the fault and 
the mode in which they occurred. Further, if there is a delay 
in the observation of fault signatures, then the mode in which 
the deviation actually occurred may not be the current mode 
in the system in which it was observed, and consequently, 
the fault signature for the estimated fault could mismatch the 
fault signature for the current mode. A hybrid system diag- 
nosis algorithm must handle each of these challenges. 


We restrict the problem to single faults. 

Figure 2. Submodel graphs for m = [1 2].


Assumption 1. Only single faults occur in the system. 


Thus, we define a diagnosis as follows. 


Definition 5 (Diagnosis). For a system with fault set $F$, a
diagnosis is a fault $f \in F$ that is consistent with a given
finite sequence of observations. A set of diagnoses is denoted
as $D$.


In our diagnosis definition we appeal to the Principle of Parsimony
as stated by (Reiter, 1987), meaning that a diagnosis is
a conjecture that some minimal set of components are faulty.

Figure 3. Submodel graphs for m = [2 1]. Panels: (a) $i_3^*$ submodel graph; (b) $i_{11}^*$ submodel graph.


The diagnosis problem can then be formally defined as fol- 
lows. 


Problem 1. For a system with fault set $F$, given a finite sequence
of observations $O$, find the set of diagnoses $D \subseteq F$
that is consistent with $O$.


4. QUALITATIVE FAULT ISOLATION FOR HYBRID SYS- 
TEMS 


Generally speaking, for the purposes of diagnosis, we con- 
sider an observation to be an event observed at a particular 
time. 


Definition 6 (Observation). An observation is a tuple (e, t), 
where e is an observed event and t is the time of observation. 

Table 2. Fault Signatures for global model of the electrical system.





m = [12] 


m = [21] 





ris Tox Orderings 


Cy O- 0+ 0- & 











Ly -+ +- -* @ 
Ly —t O- -* Tix, ~ Tis, Ulu < Tix 
Rt 0+ 0- 0+ @ 
Ry O+ O- -+ Tux Tig, Tor X Tix, 


Pug Sigs Tug X Tet, 


ris, Tis Tos Orderings 


00 OO -+ Pox < Tig, Tox < Tix, 
00 00 00 © 
00 +0 00 Tis ~< Tix) Tis ~< Tox 


00 O00 -*« 


00 00 +- Pox < Tig, Tog < Tix, 


00 00 00 & 


Pog < Pigs tug XT, 





We consider two types of events: (i) fault signature events and 
(ii) mode change events. Section 4.1 reviews the event-based 
fault modeling framework based on the concepts of fault sig- 
natures (Daigle et al., 2009), and extends it to hybrid sys- 
tems. Following that, Section 4.2 describes how diagnostic 
reasoning can be performed under this new framework in the 
presence of mode changes. 


4.1. Event-based Fault Modeling 


The basis of the qualitative fault isolation approach is the con- 
cept of a fault signature. 


Definition 7 (Fault Signature). A fault signature for a fault $f$
and residual $r$ in mode $m$, denoted by $\sigma_{f,r,m}$, is a pair of symbols
$s_1 s_2$ representing potential qualitative changes in magnitude
and slope of $r$ caused by $f$ at the point of the occurrence
of $f$ in mode $m$. The set of all fault signatures for a fault $f$
over residuals $R$ in mode $m$ is denoted as $\Sigma_{f,R,m}$.


When a fault occurs, it produces a transient in the observed 
behavior with respect to the predicted nominal behavior, ob- 
served as changes in the residual signal (P. J. Mosterman & 
Biswas, 1999). These changes are formulated as qualitative 
changes (+, —, or 0) in residual magnitude and slope. 


Changes are observed in each residual that is a function of the 
fault. Thus, when a fault occurs, we observe a sequence of 
fault signatures. Relative residual orderings define a partial 
order of signatures for a given fault, and thus define all the 
possible fault signature sequences that can be produced by a 
fault. 


Definition 8 (Relative Residual Ordering). A relative residual
ordering for a fault $f$ and residuals $r_i$ and $r_j$ in mode $m$
is a tuple $(r_i, r_j)$, denoted by $r_i \prec_{f,m} r_j$, representing that
$f$ always manifests in $r_i$ before $r_j$ in mode $m$. The set of all
orderings for a fault $f$ over residuals $R$ in mode $m$ is denoted
as $\Omega_{f,R,m}$.


Example 7. Table 2 shows the fault signatures for two modes 
of the circuit system for the global model residuals. For ex- 
ample, in mode m = [1 2], CZ will cause a —+ in Tye, Le. a 
decrease in magnitude and increase in slope. On rj» it will 


Table 3. Fault Signatures for minimal submodels of the electrical system.

           m = [1 2]                                       m = [2 1]
Fault      $r_{i_{11}^*}$  $r_{i_3^*}$  $r_{v_8^*}$        $r_{i_{11}^*}$  $r_{i_3^*}$  $r_{v_8^*}$
$C_1^-$    00              0+           00                 00              00           -+
$C_2^-$    00              00           -0                 00              00           00
$L_1^-$    00              +-           00                 00              +0           00
$L_2^-$    -0              00           00                 00              00           -*
$R_1^+$    00              0-           00                 00              00           +-
$R_2^+$    00              00           +0                 00              00           00













cause 0-, i.e., no change in magnitude and an increase in
slope. In m = [2 1], however, $C_2$ is disconnected from the
circuit and so cannot affect any of the residuals.


Example 8. Table 3 shows the fault signatures for the circuit
for the same two modes for the local submodel residuals.
Since residuals are computed independently, no orderings can
be declared. Consider again the fault $C_2^-$. In m = [1 2], it
now affects only the residual for $v_8^*$, as it appears only in that
local submodel (see Fig. 2). In fact, this is true for all faults:
each is found in exactly one local submodel and so will affect
exactly one residual, in either mode.


A single sequence of fault signatures is termed a fault trace. 


Definition 9 (Fault Trace). A fault trace for a fault $f$ over
a set of residuals $R$ in mode $m$, denoted by $\lambda_{f,R,m}$, is a sequence
of fault signatures that can be observed given the occurrence
of $f$ in mode $m$.


Fault traces are grouped into fault languages.¹


Definition 10 (Fault Language). The fault language for a
fault $f$ and residual set $R$ in mode $m$, denoted by $L_{f,R,m}$,
is the set of all fault traces for $f$ over $R$ in $m$.


¹ Fault languages can be automatically derived for certain classes of system
models (Daigle, 2008), obtained via simulation, or obtained experimentally.
In this work, we assume that the fault languages are given as input.

For the purposes of this paper, we assume that signatures and
orderings are correctly observed.²


Assumption 2 (Correct Observation). If a fault $f$ occurs in
mode $m$, then the observed fault trace will belong to $L_{f,R,m}$.


4.2. Hybrid Systems Diagnosis 


For hybrid systems, fault signatures, residual orderings, fault 
traces, and fault languages are a function of the system mode. 
If the mode does not change between the point of fault occur- 
rence and the diagnosis of the fault, then the problem reduces 
to the continuous systems case. Otherwise, we will observe 
some new trace that may not belong to any mode-specific 
fault language, i.e., it may be a trace that is composed of par- 
tial traces for a fault from the different modes encountered 
during diagnosis. 


Example 9. For example, consider the global model residu- 
als (Table 2). Assume that the system starts in m = [1 2] and 
Rj} occurs. Then we could observe rot , followed by Vis 
So far, this partial trace can be found as a prefix to a trace 
in L RY.R, [1 2)° Now, assume that the system moves to mode 
m = [2 1], now we would observe r*.. This trace is not 
found in any mode-specific fault language. 


Thus, the first challenge is that now observed fault traces 
may contain some subtraces corresponding to one mode, and 
other subtraces corresponding to other modes. Thus, the fault 
isolation reasoning must span over several potential mode 
changes. If we know the system mode, then we know which 
fault language corresponds to the predicted observations for 
each fault. If there are unobservable mode changes, this adds 
another layer of complexity, because we must not only diag- 
nose which fault has occurred but also what mode the system 
is currently in. For the purposes of this paper, we make the 
following assumption. 


Assumption 3 (Mode Change Observability). All mode 
change events are observable. 


Given Assumption 3, we can define mode change events as 
follows. 


Definition 11 (Mode Change Event). An event e,,, represents 
the system changing from its current mode to mode m. 


However, even if we know the current mode of the system, 
there is another layer of complexity to consider: observation 
delay. Specifically, in our framework, this corresponds to the 
observations of fault signatures being delayed. The difficulty 
is that the system may be in one mode, but when the observa- 
tion arrives we have moved to a different system mode, and 
thus we do not know in which mode the observation was ac- 
tually made. 


² Relaxation of this assumption has been explored for continuous systems
in (Daigle, Roychoudhury, & Bregon, 2014).





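Algorithm 1 $D_{i+1} \leftarrow$ FaultIsolation($D_i$, $\lambda_i$, $\sigma_{i+1}$, $M_\Delta$)
1: $D_{i+1} \leftarrow \emptyset$
2: for all $m \in M_\Delta$ do
3:   for all $f \in D_i \cap F_{r,m}$ do
4:     if $\sigma_{i+1} \in \Sigma_{f, r_{\sigma_{i+1}}, m}$ and $\neg\exists\, r' \in R - R_{\lambda_i}$ s.t. $r' \prec r_{\sigma_{i+1}} \in \Omega_{f, R - R_{\lambda_i}, m}$ then
5:       $D_{i+1} \leftarrow D_{i+1} \cup \{f\}$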











Example 10. Consider again the previous example, in which 
the global model residuals are used, the system starts in m = 
[1 2] and R} occurs. Again, we observe Vi» followed by 


eo and then change to m = [2 1]. Say that ro occurred in 


the previous mode, but we only get the observation now.
This observation is not consistent with $R_1^+$ in m = [2 1].


Observation delay can manifest in different ways. For exam- 
ple, fault detection is usually performed by checking whether 
a residual crosses some threshold. To make this approach 
robust to noise, usually we check that the mean of the resid- 
ual, computed over some small time window, has crossed that 
threshold. This means that the signal could actually cross the 
threshold in one mode, but the mean of the signal could cross 
only in the next mode. Thus, the observation of this signature 
is delayed. In practice, we can assume that observation delay 
is finite and bounded. 


Assumption 4 (Bounded Observation Delay). The delay of 
any observation is no greater than A. 


Given our assumptions, the algorithm for a single step of fault
isolation for hybrid systems is shown as Algorithm 1.³ As inputs,
it takes the current diagnosis, $D_i$, the previous sequence
of fault signatures, $\lambda_i$, the new fault signature, $\sigma_{i+1}$, and the
set of recent modes that falls within $[t - \Delta, t]$, $M_\Delta$. The
change from the continuous systems case is that we need to
check signatures and orderings for each of the recent modes.
If a fault is consistent in any of the modes, it must be added to
$D_{i+1}$. Here, for a given mode $m$, we need to check only the
subset of faults that are included in the current diagnosis and
can actually affect this residual in this mode, denoted as $F_{r,m}$.
To check consistency, we check that the predicted signature
for the residual associated with $\sigma_{i+1}$, denoted as $r_{\sigma_{i+1}}$, can
be found in the signature set for that fault and residual, and
that the orderings, with respect to residuals that have not yet
deviated (those in $R - R_{\lambda_i}$, where $R_{\lambda_i}$ denotes the residuals
associated with the trace $\lambda_i$), are not violated.


Algorithm 1 executes a single reasoning step, given a newly
observed fault signature. This would be placed within a progressive
monitoring algorithm that keeps track of the current
diagnosis, and computes the set of recent modes based on the
times events are observed.

³ Because fault languages can become prohibitively large, we implement the
fault isolation step directly using the signatures and orderings, which is
more efficient (Daigle et al., 2009).
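
Added example (not the authors' code): one way to run the isolation step of Algorithm 1 inside a progressive monitor for the local submodel residuals, including the recent-mode window used to absorb observation delay. The names `Monitor`, `fault_isolation`, `run_scenario` and the fault and residual labels are assumptions; the signature table follows Table 3 as read from the page with fault signs dropped, and the observations are constructed.

```python
from dataclasses import dataclass, field

# mode -> fault -> residual -> predicted signature "<magnitude><slope>".
# Values follow the page's Table 3 (local submodel residuals) as read here; fault
# signs are dropped and "00" entries omitted (the fault cannot affect that residual).
SIGNATURES = {
    (1, 2): {"C1": {"r_i3": "0+"}, "C2": {"r_v8": "-0"}, "L1": {"r_i3": "+-"},
             "L2": {"r_i11": "-0"}, "R1": {"r_i3": "0-"}, "R2": {"r_v8": "+0"}},
    (2, 1): {"C1": {"r_v8": "-+"}, "C2": {}, "L1": {"r_i3": "+0"},
             "L2": {"r_v8": "-*"}, "R1": {"r_v8": "+-"}, "R2": {}},
}
# mode -> fault -> [(earlier, later)] relative residual orderings. Empty here:
# local submodel residuals are computed independently, so none can be declared.
ORDERINGS = {}


def matches(predicted, observed):
    """Compare signatures symbol by symbol; '*' in a prediction matches anything."""
    return len(predicted) == len(observed) and all(
        p in ("*", o) for p, o in zip(predicted, observed))


def fault_isolation(diagnosis, deviated, residual, symbols, recent_modes,
                    signatures=SIGNATURES, orderings=ORDERINGS):
    """One isolation step: keep the faults that are consistent in ANY recent mode."""
    consistent = set()
    for mode in recent_modes:
        for fault in diagnosis:
            predicted = signatures.get(mode, {}).get(fault, {}).get(residual)
            if predicted is None or not matches(predicted, symbols):
                continue  # fault cannot produce this signature in this mode
            # Violated if a residual that must deviate first has not deviated yet.
            violated = any(later == residual and earlier not in deviated
                           for earlier, later in
                           orderings.get(mode, {}).get(fault, []))
            if not violated:
                consistent.add(fault)
    return consistent


@dataclass
class Monitor:
    """Progressive monitor: tracks mode change events and the current diagnosis."""
    faults: set
    delay_bound: float                             # bound on observation delay
    mode_log: list = field(default_factory=list)   # [(time, mode)] in time order
    deviated: set = field(default_factory=set)     # residuals that have deviated
    diagnosis: set = field(default_factory=set)

    def __post_init__(self):
        self.diagnosis = set(self.faults)          # start from all candidates

    def mode_change(self, t, mode):
        self.mode_log.append((t, mode))

    def recent_modes(self, t):
        """Modes that were active at some time in [t - delay_bound, t]."""
        start, modes = t - self.delay_bound, []
        for k, (t_k, mode) in enumerate(self.mode_log):
            last = k + 1 == len(self.mode_log)
            t_end = float("inf") if last else self.mode_log[k + 1][0]
            if t_k <= t and t_end > start:
                modes.append(mode)
        return modes

    def observe(self, t, residual, symbols):
        self.diagnosis = fault_isolation(self.diagnosis, self.deviated, residual,
                                         symbols, self.recent_modes(t))
        self.deviated.add(residual)
        return self.diagnosis


def run_scenario(delay_bound, observations):
    """Mode [2 1] from t = 0 s, switch to [1 2] at t = 10 s, then the observations."""
    monitor = Monitor({"C1", "C2", "L1", "L2", "R1", "R2"}, delay_bound)
    monitor.mode_change(0.0, (2, 1))
    monitor.mode_change(10.0, (1, 2))
    result = set(monitor.diagnosis)
    for t, residual, symbols in observations:
        result = monitor.observe(t, residual, symbols)
    return result


if __name__ == "__main__":
    # Constructed observations: (time in s, residual, signature).
    print(run_scenario(5.0, [(12.3, "r_i3", "0-")]))  # matches the current mode
    print(run_scenario(5.0, [(11.0, "r_i3", "+0")]))  # delayed, from mode [2 1]
    print(run_scenario(0.0, [(11.0, "r_i3", "+0")]))  # same, delay window ignored
```

The second and third calls differ only in the delay bound: with the window, the signature is matched against the previous mode and a candidate is retained; without it, the diagnosis is empty.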


The complexity of the fault isolation algorithm is dependent
on the number of faults, $|F|$, the number of residuals, $|R|$, and
the number of modes, $|M|$. For the global model case, each
time a new residual deviates, we must check, for each mode
in $M_\Delta$, whether each fault is consistent. The local submodel
approach improves over the global model approach by simultaneously
reducing both the effective $|R|$ and the effective
$|M|$. The effective $|R|$ is decreased, because with structural
model decomposition each fault affects only a subset of the
residuals, so for each new residual deviation only a subset
of faults needs to be checked for consistency. The effective
$|M|$ is reduced, because with structural model decomposition
each residual reconfigures only based on a few local component
modes, whereas for the global model each residual is
dependent on the system-level modes (which increases exponentially
with the number of switching components). Due to
these properties of structural model decomposition, the approach
scales at a significantly smaller rate as the system size
increases than with the global model approach.


Example 11. Consider the residual $r_{i_3^*}$. For the global model
residuals (Table 2), all 6 faults can affect this residual in
m = [1 2], but in m = [2 1], only 1 fault affects it. So,
if we are unsure of the mode in which the observation was
actually made, all 6 faults must be considered in the conflict
set. For the local submodel residuals (Table 3), 3 faults affect
the residual in m = [1 2] and 1 in m = [2 1]. In a system
with more modes, this number increases at a much smaller
rate than for the global model, due to the effects of the decomposition.


5. DEMONSTRATION OF APPROACH 


In this section, we demonstrate the approach through some example scenarios using the circuit system. We consider two modes: one where $Sw_1$ is on and $Sw_2$ is off (i.e., m = [2 1]), and one where $Sw_1$ is off and $Sw_2$ is on (i.e., m = [1 2]). In all cases, the system starts in mode m = [2 1], switches to m = [1 2] at t = 10 s, and switches back to m = [2 1] at a later time, depending on the scenario. The complete fault candidate set considered for diagnosis is {C,, R},L7,Cz, RI, Lz}. In each case, we compare the performance of the global model approach and the local submodel approach.


The symbol generation approach described in (Daigle et al., 2010) is used, which uses the Z-test for statistical fault detection and symbol generation. A window of samples is used to compute the mean, and thus can produce a delay that increases with window size. For the particular fault detector settings, we consider the bounded observation delay to be Δ = 5 s.


Example 12 CRT fault). In this scenario, an increase in R, is injected at t = 12 s. The measured and estimated values are shown in Fig. 4, which shows that the behavior can be tracked through the mode changes during nominal operation. The residuals are shown in Fig. 5. In the global model residuals, we first observe ed at t = 12.2 s (Fig. 5c), which can be due only to Ry (Table 2). We then observe, at 12.3 s, * (Fig. 5b) and oe . (Fig. 5a), and the diagnosis remains the same. Since a mode change occurred within 5 s prior to these observations, we must consider that the fault may have occurred in the previous mode (m = [2 1]). However, none of these signatures are consistent with any fault in that mode, and so the diagnosis remains the same. In the local submodel residuals, we first observe rie at t = 12.3 s (Fig. 5a), which, in this mode, is consistent only with Rf. In the previous mode, it is not consistent with any fault, and thus this is our diagnosis. At t = 20.0 s, a second mode change occurs, and, in this mode, uz will now respond to both these faults, and so Ce is observed (Fig. 5c), confirming the previous diagnosis.


Example 13 (Cy, fault). In this scenario, a decrease in C; is injected at t = 12 s. The residuals are shown in Fig. 6. For the global model residuals, we first observe ie at 12.5 s, which can be due to only C, (Table 2). Next, a mode change occurs at 12.7 s. At 13.0 s, we observe ry, , yet in this new mode we do not expect the fault to have any effect on rx, i.e., this is a delayed observation from the previous mode, consistent still with C. No further residuals deviate. For the local submodel residuals, we observe first Toe at 12.7 s, which is when the mode changes after the fault injection. This signature is consistent with C] occurring in this mode and Ly in this mode (Table 3). At 12.9 s, we observe re, - , which is not expected in this mode; in fact, it is delayed from the previous mode and consistent only with C| , ruling out L, , so C; is the only diagnosis. No other residuals deviate, and so no more reasoning is performed.
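The delayed-observation reasoning used in Examples 12 and 13, as an added example that is not the authors' implementation: a fault stays in the candidate set only if each observed residual deviation matches its signature in some mode that was active within the last Δ seconds. It uses signatures only (no orderings), and the fault names (fC, fL, fR), residual names (r1 to r3), mode labels and signature entries are constructed for illustration and are not the paper's Tables 2 and 3.

```python
# Constructed data throughout: fault, residual and mode names are
# hypothetical and are NOT the paper's Tables 2 and 3.
DELTA = 5.0  # bounded observation delay in seconds, as on the page

# (start time, mode): starts in m21, switches at 10 s and back at 12.7 s.
MODE_CHANGES = [(0.0, "m21"), (10.0, "m12"), (12.7, "m21")]

# SIG[mode][fault][residual] -> expected qualitative deviation ("+"/"-").
# A missing entry means the fault does not affect that residual in that mode.
SIG = {
    "m12": {"fC": {"r1": "-", "r2": "+"}, "fL": {"r1": "-"}, "fR": {"r3": "+"}},
    "m21": {"fC": {"r1": "-"}, "fL": {"r1": "-"}, "fR": {"r3": "+"}},
}
FAULTS = ("fC", "fL", "fR")

# Constructed observations: (time, residual, observed sign).
OBSERVATIONS = [(12.7, "r1", "-"), (12.9, "r2", "+")]


def recent_modes(t, delta, changes=MODE_CHANGES):
    """Modes that were active at some instant in [t - delta, t]."""
    modes = set()
    for i, (start, mode) in enumerate(changes):
        end = changes[i + 1][0] if i + 1 < len(changes) else float("inf")
        if start <= t and end > t - delta:
            modes.add(mode)
    return modes


def isolate(observations, delta, faults=FAULTS):
    """Keep a fault only if each deviation matches it in some recent mode."""
    candidates = set(faults)
    for t, residual, sign in observations:
        modes = recent_modes(t, delta)
        candidates = {
            f for f in candidates
            if any(SIG[m].get(f, {}).get(residual) == sign for m in modes)
        }
    return candidates


if __name__ == "__main__":
    print("delay-aware:", isolate(OBSERVATIONS, DELTA))
    print("current mode only:", isolate(OBSERVATIONS, 0.0))
```

With the delay set to zero, the second deviation is checked only against the current mode and every candidate is discarded, which is the inconsistency the recent-mode set avoids.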


6. RELATED WORK 


During the last decade or so, modeling and diagnosis for hybrid systems have been an important topic for researchers from both the FDI and DX communities. In the FDI community, several hybrid system diagnosis approaches have been developed. In (Cocquempot, El Mezyani, & Staroswiecki, 2004), parameterized ARRs are used. However, the approach is not suitable for systems with high nonlinearities or a large set of modes. In the DX community, some approaches have used different kinds of automata to model the complete set of modes and transitions between them. In those cases, the main research topic has been hybrid system state estimation, which has been done using probabilistic (e.g., some kind of filter (Koutsoukos, Kurien, & Zhao, 2003) or hybrid automata (Hofbaur & Williams, 2004)) or set-theoretic approaches (Benazera & Travé-Massuyès, 2009).

EUROPEAN CONFERENCE OF THE PROGNOSTICS AND HEALTH MANAGEMENT SOCIETY 2016

[Figure 4 plot: panels (a), (b) and (c) against Time (s), showing Measured, Estimated (Local) and Estimated (Global) values, with the fault injection and mode changes marked.]

Figure 4. Measured and estimated values with an increase in R, at t = 12 s.


Another solution has been to use an automaton to track the system mode, and then use a different technique to diagnose the continuous behavior (for example, using a set of ARRs for each mode (Bayoudh et al., 2008), or parameterized ARRs for the complete set of modes (Bayoudh, Travé-Massuyès, & Olive, 2009)). Nevertheless, one of the main difficulties regarding state estimation using these techniques is the need to pre-enumerate the set of possible system-level modes and mode transitions, which is difficult for complex systems. We avoid this problem by using a compositional approach.


In (Alonso, Bregon, Alonso-Gonzalez, & Pulido, 2013), the authors present a qualitative fault isolation approach for hybrid systems that is based on structural model decomposition. This approach, however, unlike ours, does not take into account observation delays. Moreover, the approach presented in (Alonso et al., 2013) is applicable only to systems that are modeled using hybrid bond graphs.

[Figure 5 plot: panels (a), (b) and (c) against Time (s), showing Residual (Local) and Residual (Global), with the fault injection and mode changes marked.]

Figure 5. Residual values with an increase in Ry at t = 12 s.


The focus of the research published in (Gaudel, Chanthery, & Ribot, 2015) is the treatment of both knowledge-based and observation-based uncertainty in health monitoring of hybrid systems. The diagnosis approach can reason with unobservable discrete events (e.g., faults), as well as false observations. However, unlike our generic formulation of hybrid systems, this work is restricted to systems modeled using the Hybrid Particle Petri Nets (HPPN) formalism.


Finally, in (Bregon, Narasimhan, Roychoudhury, Daigle, & Pulido, 2013), the authors had developed an efficient model-based methodology for diagnosis that integrated structural model decomposition within the Hybrid Diagnosis Engine (HyDE) architecture (Narasimhan & Brownston, 2007). The HyDE architecture offers flexibility to choose the modeling paradigm and reasoning algorithms for diagnosis of hybrid systems. The authors show how the integration of the structural model decomposition reduces the computational complexity associated with the fault diagnosis of hybrid systems. In our paper, a similar reduction in computational complexity of fault diagnosis is observed, further bolstering the support for using structural model decomposition for hybrid systems diagnosis.

Figure 6. Residual values with a decrease in C; at t = 12 s.


7. CONCLUSIONS 


In this work, we have developed a qualitative fault isolation approach for hybrid systems using structural model decomposition. Fault isolation is performed by analyzing the qualitative information of the residual signals. It has been proven that structural model decomposition can be used for hybrid systems fault isolation in the presence of observation delays, while the complexity of the isolation process can be reduced compared to a global model approach. The approach was demonstrated with a circuit system. In future work, we will further develop the hybrid systems diagnosis approach for discrete faults and for multiple fault diagnosis, and we will apply our approach to more complex systems. We will also show mathematically the improvement in the computational cost of the local algorithms. Finally, the assumption about unobservable mode changes occurring in the system can also be dropped, using the ideas developed in (Narasimhan & Biswas, 2007).